<?php
include '../classes/Authentication.php';
include '../classes/HTML.php';
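// Page bootstrap: start the session, run the project's authentication check, load the
// account that is going to be edited, then emit the page header.
session_start();
$auth = new Authentication();
// NOTE(review): PHP_SELF contains any client-supplied path info that follows the script
// name. If checkAuthentication() prints or redirects to this value, SCRIPT_NAME is the
// safer input — confirm against the Authentication class.
$auth->checkAuthentication($_SERVER['PHP_SELF'], 1);
$db = new DB_For_User();

// The target account is chosen by the client (query string or hidden form field), so the
// id is checked for presence and shape before it reaches the data layer, and the lookup
// result is checked before the rest of the page calls methods on it. Both checks run
// before HTML::createHeader() so that a status code can still be sent.
$requestedId = isset($_REQUEST['id']) ? $_REQUEST['id'] : null;
if (!is_scalar($requestedId) || $requestedId === '') {
	http_response_code(400);
	exit('Ung&uuml;ltige Benutzer-ID.');
}

$user = $db->getUserById($requestedId);
if (!is_object($user)) {
	http_response_code(404);
	exit('Benutzer nicht gefunden.');
}
// NOTE(review): nothing visible in this file ties $requestedId to the logged-in account or
// to a minimum grant level for editing other users. Confirm that checkAuthentication() or
// the DB layer enforces this; otherwise any authenticated user can open another user's record.

HTML::createHeader('Benutzer erstellen', 'users_create.css');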
?>
<body>
	<?php
	// Hands the object returned by $auth->getUser() to the logo-bar helper.
	// NOTE(review): any user-controlled field the helper prints (name, e-mail) must be
	// HTML-escaped inside HTML::createLogobar() — not visible from this file.
	HTML::createLogobar($auth->getUser());?>
	<div class="container">
		<div class="row">
			<div class="col-md-3">
				<h3>Infos</h3>
				<p>Zur&uuml;ck zur &Uuml;bersicht:</p>
				<form method="post" action="users.php">
					<button type="submit" name="back" class="btn btn-default">Zur&uuml;ck &raquo;</button>
				</form>
				<?php
					// The reset button is rendered only when the logged-in user's grant level is above 1.
					// This controls visibility only; the reset itself is processed by users.php.
					$sessionAccount = $db->getUserById($_SESSION['user_ID']);
					$showPasswordReset = $sessionAccount->getGrant() > 1;
					if ($showPasswordReset) {
						echo '
						<br />
						<p>Passwort zur&uuml;cksetzen:</p>
						<form method="post" action="users.php">
	 					<button type="submit" name="pwReset" class="btn btn-default">Zur&uuml;cksetzen &raquo;</button>
	 					</form>';
					}
				?>
			</div>
			<div class="col-md-4">
				<h3>User</h3>
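				<?php
					// Handles the two forms rendered below: a password change and an e-mail/grant change
					// for the account held in $user.
					//
					// NOTE(review): $user is whichever account the request's id names. The password path
					// passes the submitted old password to setPassword(); the e-mail path requires nothing
					// beyond being logged in. Confirm that ownership or a grant level is enforced elsewhere.
					// NOTE(review): neither form carries an anti-CSRF token; both actions change account state.

					// Builds the redirect target with every value URL-encoded, so '&', '=' or '#' inside an
					// e-mail address cannot add or override query parameters.
					$buildRedirectTarget = function ($account) {
						return 'users_modify.php?' . http_build_query(array(
							'id' => $account->getUser_id(),
							'email' => $account->getEmail(),
							'grant' => $account->getGrant(),
						), '', '&');
					};

					if (isset($_POST['passwordSubmit'])) {
						$oldPassword = isset($_POST['passwordOld']) ? $_POST['passwordOld'] : null;
						$newPassword = isset($_POST['password1']) ? $_POST['password1'] : null;
						$newPasswordRepeat = isset($_POST['password2']) ? $_POST['password2'] : null;

						if (!is_string($oldPassword) || !is_string($newPassword) || !is_string($newPasswordRepeat)) {
							// Missing fields or array-valued parameters (password1[]=...) are rejected outright.
							echo '<p style="color: red;">Passwort &auml;nderung fehlgeschlagen!</p>';
						} elseif ($newPassword !== $newPasswordRepeat) {
							// Strict comparison: with == two different numeric-looking strings such as
							// "1e3" and "1000" compare equal and the confirmation check passes.
							echo '<p style="color: red;">Passw&ouml;rter stimmen nicht &uuml;berein!</p>';
						} elseif ($user->setPassword($oldPassword, $newPassword)) {
							// Output may already have started at this point; redirect only while headers can
							// still be sent, and stop so nothing after the redirect is processed.
							if (!headers_sent()) {
								header('Location: ' . $buildRedirectTarget($user));
								exit;
							}
						} else {
							echo '<p style="color: red;">Passwort &auml;nderung fehlgeschlagen!</p>';
						}
					}

					if (isset($_POST['emailSubmit'])) {
						$newEmail = isset($_POST['email']) ? $_POST['email'] : null;
						if (is_string($newEmail) && $user->setEmail($newEmail)) {
							// The grant <select> is merely disabled in the browser for users below level 2.
							// A disabled field is not submitted, and a crafted request can still send one,
							// so the same rule is enforced here and only the two offered values are accepted.
							$editorGrant = $db->getUserById($_SESSION['user_ID'])->getGrant();
							$requestedGrant = isset($_POST['grant']) ? $_POST['grant'] : null;
							if ($editorGrant >= 2 && in_array($requestedGrant, array('0', '1'), true)) {
								$user->setGrant($requestedGrant);
							}
							if (!headers_sent()) {
								header('Location: ' . $buildRedirectTarget($user));
								exit;
							}
						} else {
							echo "Beim &auml;ndern der Email ist ein Fehler aufgetreten!";
						}
					}
				?>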
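				<form method="post" action="users_modify.php">
					<div class="form-group">
						<?php
							// Request values are written into attribute values, so each one is HTML-escaped
							// (quotes included); array-valued parameters are not echoed at all.
							// NOTE(review): 'UTF-8' assumes the page is served as UTF-8 — confirm.
						?>
						<input type="hidden" name="id" value="<?php if (isset($_REQUEST['id']) && is_string($_REQUEST['id'])) echo htmlspecialchars($_REQUEST['id'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>">
						E-Mail <input type="email" name="email" placeholder="Email" value="<?php if (isset($_REQUEST['email']) && is_string($_REQUEST['email'])) echo htmlspecialchars($_REQUEST['email'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>" class="form-control" required>
						Rechte<br />
						<?php
							// The disabled attribute is a UI hint only: the browser omits a disabled field and a
							// client can still send one, so the handler must decide on its own whether the
							// grant may change.
						?>
						<select name="grant" <?php if ($db->getUserById($_SESSION['user_ID'])->getGrant() < 2) echo 'disabled="disabled"'; ?>>
							<option value="0" <?php if (isset($_REQUEST['grant']) && $_REQUEST['grant'] === '0') echo 'selected="selected"'; ?>>Visitor</option>
							<option value="1" <?php if (isset($_REQUEST['grant']) && $_REQUEST['grant'] === '1') echo 'selected="selected"'; ?>>Inventor</option>
						</select>
					</div>
					<button type="submit" name="emailSubmit" class="btn btn-default">&Auml;ndern &raquo;</button>
				</form>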
				<h2>Passwort</h2>
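				<form method="post" action="users_modify.php">
					<div class="form-group">
					<?php
						// The id is reflected into an attribute value and is therefore HTML-escaped.
						// The submitted old password is deliberately not written back into the page:
						// echoing it unescaped allowed markup injection and put the credential into the
						// response body.
						// NOTE(review): 'UTF-8' assumes the page is served as UTF-8 — confirm.
					?>
					<input type="hidden" name="id" value="<?php if (isset($_REQUEST['id']) && is_string($_REQUEST['id'])) echo htmlspecialchars($_REQUEST['id'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>">
					Altes Passwort <input type="password" name="passwordOld" placeholder="Altes Passwort" class="form-control" required>
					Passwort <input type="password" name="password1" placeholder="Passwort" class="form-control" required>
					Passwort wiederholen <input type="password" name="password2" placeholder="Passwort wiederholen" class="form-control" required>
					</div>
					<button type="submit" name="passwordSubmit" class="btn btn-default">&Auml;ndern &raquo;</button>
				</form>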
			</div>
		</div>
		<?php
		// Calls the project's footer helper; presumably prints the shared page footer (defined in HTML.php).
		HTML::createFooter();?>
	</div>
	<?php
	// Calls the project's script helper; presumably emits the page's <script> tags (defined in HTML.php).
	HTML::includeJS();?>
</body>
</html>